Back to Home / #linode / 2021 / 11 / Prev Day | Next Day
#linode IRC Logs for 2021-11-09

---Logopened Tue Nov 09 00:00:55 2021
00:39-!-satanpol [~satanpol@] has joined #linode
00:39-!-satanpol is "satanpol" on #linode
00:53-!-callmepk [] has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
01:01-!-lls [] has joined #linode
01:01-!-lls is "lls" on #linode
01:04-!-callmepk [] has joined #linode
01:04-!-callmepk is "Patrick Wu" on #debian #linode
01:12-!-Vikram [~oftc-webi@] has joined #linode
01:12-!-Vikram is "OFTC WebIRC Client" on #linode
01:23-!-Vikram [~oftc-webi@] has left #linode []
01:44-!-fergtm [~fergtm@2806:2f0:51e0:d72:5957:d76f:7136:2537] has quit [Remote host closed the connection]
02:00-!-fergtm [~fergtm@2806:2f0:51e0:d72:98a6:2cc5:61fd:58d2] has joined #linode
02:00-!-fergtm is "Fernando" on #linode
03:04-!-Karthik_ [~oftc-webi@] has joined #linode
03:04-!-Karthik_ is "OFTC WebIRC Client" on #linode
03:05<Karthik_>unable to login into the linode
03:05<Karthik_>not receiving the verification code
03:05<Karthik_>to mail
03:06<Karthik_>and even linode instance is not running
03:06<Karthik_>please rectify as soon as possible
03:40-!-Karthik_ [~oftc-webi@] has quit [Quit: Page closed]
03:54-!-lonewulf` [] has joined #linode
03:54-!-lonewulf` is "U-lonewulf-PC\lonewulf" on #linode #debian-offtopic #debian #oftc
04:15-!-true_hoo1a [~kevin@] has joined #linode
04:15-!-true_hoo1a is "K KEVIN MOSES" on #linode
04:16-!-true_hoo1a [~kevin@] has left #linode []
04:16-!-true_hoo1a [~kevin@] has joined #linode
04:16-!-true_hoo1a is "K KEVIN MOSES" on #linode
04:17-!-true_hoo1a [~kevin@] has left #linode []
05:26-!-Black [] has joined #linode
05:26-!-Black is "OFTC WebIRC Client" on #linode
05:27-!-Black [] has quit [Remote host closed the connection]
06:30-!-callmepk [] has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
06:41<linbot>Another satisfied customer! NEXT!
07:16-!-callmepk is "Patrick Wu" on #debian #postmarketos #debian-wsl
07:16-!-callmepk [] has joined #linode
08:11-!-waltman [waltman@2601:4a:701:4451:78f9:e2f6:ba3b:70d6] has quit [Ping timeout: 480 seconds]
08:29-!-waltman [waltman@2601:4a:701:4451:64af:e48b:f763:a2c] has joined #linode
08:29-!-waltman is "= "Walt"" on #linode
08:30-!-ckuehl [] has quit [Ping timeout: 480 seconds]
08:31-!-jess [] has joined #linode
08:31-!-jess is "jess" on #debian #moocows #oftc #linode @#freenode-exile #tor-dev #tor
08:48-!-ckuehl [] has joined #linode
08:48-!-ckuehl is "Chris Kuehl" on #linode #debian-printing
08:56-!-ckuehl [] has quit [Ping timeout: 480 seconds]
09:05-!-ckuehl [] has joined #linode
09:05-!-ckuehl is "Chris Kuehl" on #linode #debian-printing
09:11<linbot>New news from community: I create a new account and it should have 100$ credits assigned <>
09:12-!-ckuehl [] has quit [Quit: bye]
09:12-!-ckuehl [] has joined #linode
09:12-!-ckuehl is "Chris Kuehl" on #linode #debian-printing
09:25-!-anomie [] has joined #linode
09:25-!-anomie is "Anomie" on #linode
09:30-!-linville [] has joined #linode
09:30-!-linville is "John W. Linville" on #linode
09:57-!-el [] has quit [Remote host closed the connection]
09:57-!-el [] has joined #linode
09:57-!-el is "elky (" on #linode #oftc
10:13-!-callmepk [] has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
10:45-!-satanpol [~satanpol@] has quit [Ping timeout: 480 seconds]
10:46-!-Psi-Jack [] has quit [Quit: Do you type on your PS1 or play on your PS1?]
10:47-!-Psi-Jack [] has joined #linode
10:47-!-Psi-Jack is "" on #linux #linode #debian #ceph
10:49-!-satanpol [~satanpol@] has joined #linode
10:49-!-satanpol is "satanpol" on #linux #linode
11:09-!-sebastianos_ [~sebastian@] has joined #linode
11:09-!-sebastianos_ is "Sebastian B" on #ceph #postmarketos-offtopic #postmarketos #linode #fdroid #docker
11:11-!-sebastianos [~sebastian@] has quit [Ping timeout: 480 seconds]
11:17-!-Redentor [~armando@2600:3c01:e000:20c:4dff:fe7f:cbb:6424] has joined #linode
11:17-!-Redentor is "realname" on #linode #debian-next #debian-mx #debian
11:26-!-Lucretia [] has quit []
11:29-!-Lucretia [] has joined #linode
11:29-!-Lucretia is "Luke" on #wayland #rocm #oberon #radeon #dri-devel #linode #llvm #virt
11:59-!-lonewulf` [] has quit [Quit: leaving]
12:15-!-bodmas28 [] has joined #linode
12:15-!-bodmas28 is "OFTC WebIRC Client" on #linode
12:16<bodmas28>Hi hope everyone is fine, I have a couple of questions regarding a standing issue with one of my linodes
12:16<linbot>If you have a question, feel free to just ask it -- someone's always willing to help. If you don't get a response right away, be patient! You may want to read
12:17<bodmas28>My mysqld process crashes and I have to firstly kill it and then restart it
12:17<bodmas28>I have a woocommerce installation
12:17<bodmas28>a 2GB RAM linode
12:17<millisa>is it OOMing?
12:18<bodmas28>There's no log saying so, so I am guessing not
12:18<millisa>did you look in dmesg?
12:18<bodmas28>I have seen in the WP error.log that it does crash and restart sometimes
12:19<bodmas28>Hi millisa I haven't
12:19<bodmas28>let me have a look
12:21<millisa>there is likely something in dmesg and/or syslog giving you more info when something crashes.
12:21<millisa>if it's not a memory/system thing, the mysql logs would be the next place to lok.
12:23<bodmas28>the oomreaper is indeed killing mysqld a few times in a week
12:23<millisa>there you go then. either get more memory or change your mysql config to not run out of memory
12:24<bodmas28>so by configuring it to not run out of memory.... what would that do?
12:25<bodmas28>slow things down?
12:25<bodmas28>because I want to avoid the crashing
12:25<millisa>you limit the number of simultaneous processes, the amount of memory mysql can use (so less for caching things)
12:25<bodmas28>I don't mind the site going slow every now and then, but crashing is just giving a bad rep
12:26<millisa>(2gb is slim for a woocommerce setup)
12:26<bodmas28>by the looks of it, it crashes quite often but the oomreaper kills it and gets it back up
12:26<bodmas28>which is okish
12:27<millisa>you could also try one of the tuning scripts
12:27<bodmas28>but once in a while it crashes properly and no one gets it back up
12:27<millisa>(most of them tell you something if you've configured mysql in a way that it'll exceed system memory)
12:28<bodmas28>I'll have a look into this the guide you've sent
12:28<bodmas28>there's a couple of things that are somewhat concerning
12:29<millisa>(good luck, I'm stepping out)
12:29<bodmas28>the access.log inside apache2/wordpress is huge.... it can easily become 1GB in a day
12:29<bodmas28>and requests are coming from the same IP
12:30<bodmas28>Thanks millisa for your help
12:30<bodmas28>Can someone else tell me about the access.log file growing to 1gb in a single day?
12:37-!-Redentor [~armando@2600:3c01:e000:20c:4dff:fe7f:cbb:6424] has quit []
12:37-!-patrick_here [] has joined #linode
12:37-!-patrick_here is "OFTC WebIRC Client" on #linode
12:40<patrick_here>I just fired off 'create image' to create an image for one of my linodes (4.1G). It seemed to be progressing okay but now (5minutes later) when I click "images" I don't see any completed images. Should I expect it to take a very long time an hour?
12:40<bodmas28>Hi can anyone help me out, my access.log file gets filled with 1GB in a day
12:41<patrick_here>bodmas28: (I'm just another linode user) ...are you talking about apache log?
12:42<Peng>bodmas28: What do you need help with?
12:43<bodmas28>wordpress log
12:43<@pwoods>bodmas28: You can use logrotate to archive logs
12:44<bodmas28>the access.log file is massive, and if I delete it and restart.... in a day it easily gets filled with 1000MB of data
12:44<@pwoods>You can also set up something like Fail2ban to stop some of the unwanted access attempts
12:44<bodmas28>it's mostly GET requests.... but recently it's coming from one IP
12:45<bodmas28>is this like a ddos attack?
12:45<Nivex>most distros ship with a logrotate configuration. If you're dealing with that much traffic, you might have to change from daily to hourly rotation.
12:45<patrick_here>No I don't think it's a 'wordpress log'. It's the apache log for a specific wordpress site. What are you using to block attackers and spammers who would attack your wordpress site. Are you using fail2ban?
12:45<@pwoods>Could be, you can sent the logs to the ISP who has that IP assigned and they may take action on it
12:46<Peng>If it's one IP, it's more of a DoS attack than a DDoS attack. :P
12:46<Peng>bodmas28: Without more information, it's hard to conclude anything. Maybe someone wants to overload your site. Maybe it's an accidental software bug. Maybe someone wants to scrape your site.
12:46<bodmas28>patrick_here yes I am, well it came with the linode installation. When I was starting the linode I selected the wordpress installation
12:46<bodmas28>so all of this came out of the box
12:47<Nivex>if it's just one IP and it doesn't look like legit traffic, block it with a firewall rule and call it a day
12:47<bodmas28>I think I might need to ban that I^
12:47<patrick_here>I would say it's just what you normally would expect to see if fail2ban is not protecting the site.
12:47<@pwoods>You can also look into DoS protection. Sucuri, Cloudflare, and Akamai are some of the companies that help with that
12:47<patrick_here>I have seen that kind of thing many times in my apache access.log for wordpress sites. Got rid of it with correct fail2ban settings.
12:48<Peng>(Note: It's usually a bad idea to block IPs *forever*. The IP might be reassigned to another user soon.)
12:48<bodmas28>Yeah I was thinking about the reassignment
12:48<bodmas28>mmmm... I will have a look at the fail2ban config
12:49<patrick_here>Yes, with fail2ban you can control the banning without banning forever.
12:49<bodmas28>Basically I purchased a 1GB linode a while back and I believe I selected one with a Wordpress installation on it
12:49<bodmas28>so everything was set and good to go
12:50<bodmas28>But at least once a month.... mysql crashes ... and I have to kill it to be able to get it back up running
12:50<patrick_here>Hmmm.... fail2ban might not be the solution for you because it's tricky to setup. However logrotate would not solve your problem.
12:50<bodmas28>so I have been looking around the logs etc
12:50<bodmas28>and something that got my attention was that massive log file
12:50<bodmas28>in a day it can easily cross the 900MB size
12:51<@pwoods>a large log shouldn't cause a service to crash.
12:51<patrick_here>Yes, these attackers will just hit the site repeatedly -like every second for long periods of time ...and that will just fill up the apache log.
12:51<@pwoods>Also, our Marketplace apps are just the installation, security and updates are still needed on them.
12:52<bodmas28>yeah... i believed everything was set up out of the box
12:52<@pwoods>As millisa said earlier, I'd recommend checking the mysql logs to see why it's falling over
12:52<bodmas28>but I am guessing I need to get the security and updates of the Linode itself too
12:52<bodmas28>the mysql logs don't say anything
12:52<LouWestin>For Wordpress there is a plug-in that changes your default login url. That helped when I ran a Wordpress site
12:52<bodmas28>let me copy an extract
12:53<@pwoods>Yeah, security of the linode is up to the owner of the Linode.
12:55<bodmas28>and is there a guide where I can start with security
12:56<@pwoods>Here's a great place to start
12:56<bodmas28>because this linode hosts a woocommerce for a customer.... it looks very bad when the site crashes
12:56<bodmas28>Thank you so much for the help
12:56<@pwoods>We also ran a short series on WordPress security tips on our blog:
13:00<patrick_here>Are there any linode support people here? Creating an image of my linode just isn't working for me. Running 'df -h' shows that my / is using just 4.1G .
13:01<LouWestin>Disk space?
13:01<@pwoods>patrick_here: !ops
13:01<linbot>Users with ops are employees of Linode, and know what they're talking about. The rest of us are the ever-so-helpful(?) community. Official Linode contact information:
13:02<LouWestin>Some of us community members can help too
13:03<@pwoods>The default for images is still 6GB, though it's helpful to know that we don't directly mount disks, so sometimes our best guess can be off.
13:03<LouWestin>Account related questions and issues need to go to support staff.
13:03<@pwoods>If you open a ticket for this, patrick_here , I can take a look.
13:03<patrick_here>Do you mean the size of the disk as shown on the "storage" tab for the linode?
13:04<@pwoods>That's storage allocation
13:04<@pwoods>That's related to the Linode's plan.
13:04<@pwoods>We don't have access to the internals of the Linode, so we wouldn't be able to tell, then display, actual disk usage in the Cloud Manager
13:04<patrick_here>My understanding is that I need to look at the output of 'df -h' ...and it is showing 4.1G
13:05<patrick_here>I don't see a place where actual disk usage shows in the cloud manager.
13:06<@pwoods>Right, and if you open a ticket, I can take a look at what our system is saying as to why the Image is failing.
13:06<@pwoods>The Cloud Manager will not show disk usage, that's correct.
13:07<patrick_here>okay I'll open a ticket then.
13:09<@pwoods>Great, once you do, let me know the ticket number and I'll take a look
13:10<patrick_here>Ticket ID: 16469430
13:11<@pwoods>great, thanks
13:13<@pwoods>I think that's the wrong ticket number, though I think I found the right ticket.
13:15<@pwoods>patrick_here: I just updated your ticket
13:15-!-hiii [~oftc-webi@] has joined #linode
13:15-!-hiii is "OFTC WebIRC Client" on #linode
13:20<patrick_here>Okay, yes I see it. Thanks very much. Sorry for the confusion on the numbers.
13:38<@pwoods>it's cool, no worries. As long as you're squared away.
13:41<kharlan>pwoods to the rescue
13:46<patrick_here>Okay that image succeeded. Quick question: I've never done a "backup" before on linode. When scheduling a "backup" (ie not an image) does the VPS get shutdown for the backup (and then powered up when it completes)?
13:49<@pwoods>I assume you're talking about the Linode Backup Service, right?
13:59<@pwoods>That service runs on the same host and works in a way that does not require the Linode to be powered down.
14:00<@pwoods>Then, it takes that backup and sends it to a different machine where it's stored, in the same data center.
14:02<patrick_here>Hmmm... Okay but isn't it true that a backup of a runnig linux system (ubuntu) would be inferior to a backup made on a system that's shut down? I'm wondering how the restore would work if the system was not shut down when the backup was made?
14:02<@pwoods>Well, while I can't get into the secret sauce, I can say that we have many restores that are successful every day.
14:03<patrick_here>Hmmm... That's interesting!
14:05<@pwoods>There are Limitations to the service:
14:05<@pwoods>Plus, I always recommend off-site backups as well.
14:05-!-KindOne [] has quit [Ping timeout: 480 seconds]
14:06<@pwoods>Our Backup Service is a really helpful tool, though there's no substitute to a solid backup plan.
14:07<file>I'm backin' up backin' up backin' up backin' up, cause data loss taught me good, I'm backin' up all my data, and I'm like data loss? no thanks no thanks no thanks
14:08-!-KindOne [] has joined #linode
14:08-!-KindOne is "..." on #tor #php #ovirt #oftc #moocows #mirc #llvm #linode #libevent #https-everywhere #gentoo #g7 #freenode #eff #debian-next #ceph
14:08<patrick_here>Oh, yes, got it. I see the explanation about MySql dumps. That helps. Thanks for everything!
14:10<@pwoods>Yeah, that's maybe the most likely one to get people, though if you run a cron for dumps daily, you should be good to go.
14:10<patrick_here>Ok. Got it.
14:12<bodmas28>Hi Guys
14:12<bodmas28>I added a Cloud Firewall
14:12<bodmas28>and I wanted to ban the IP that's requesting all the lot
14:12<bodmas28>in my access log it comes out like this:
14:13<bodmas28> - - [09/Nov/2021:19:11:49 +0000] "POST /wp-content/plugins/translatepress-multilingual/includes/trp-ajax.php HTTP/1.1" 200 477 "" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/81.0.4044.138 Safari/537.36"
14:13<bodmas28>I am adding the drop rule on HTTP, HTTPS with the IP
14:13<bodmas28>but it does not seem to work
14:13<bodmas28>requests are still getting in
14:15<@_brian>make sure your drop rule is above your accept rule
14:16<bodmas28>ohh trying that now
14:16<dwfreed>yeah, rule ordering matters
14:21<bodmas28>Ohh woww it looks like it's working
14:21<bodmas28>Thank you so much
14:22<@_brian>nice! you're welcome :)
14:22<bodmas28>this mask number after the IP should be 32 or 128?
14:22<bodmas28>do you know how I can be able to diferentiate when to use one or the other?
14:22<@_brian>32 is a single IPv4 address, 128 would be for IPv6
14:38-!-hiii [~oftc-webi@] has quit [Remote host closed the connection]
14:38-!-bodmas28 [] has quit [Remote host closed the connection]
14:38-!-patrick_here [] has quit [Remote host closed the connection]
14:42-!-incorect_admin [~oftc-webi@] has joined #linode
14:42-!-incorect_admin is "OFTC WebIRC Client" on #linode
14:43-!-incorect_admin [~oftc-webi@] has quit []
15:40<bss>I've finally requested a /64 for my MTA and configured everything... now to be paranoid for the next month that I've screwed something up in some indiscernible fashion, because every time going into /etc/postfix/ is a journey
16:06-!-Zr40_ [] has joined #linode
16:06-!-Zr40_ is "Zr40" on #debian-next #linode #debian
16:10-!-satanpol [~satanpol@] has quit [Quit: leaving]
16:10-!-Zr40 [] has quit [Ping timeout: 480 seconds]
16:22-!-Zr40_ is now known as Zr40
16:29-!-linville [] has quit [Quit: Leaving]
16:43<LouWestin>bss: well there's only one way to find out! lol
16:53<linbot>New news from community: longview repository missing for AlmaLinux <>
17:12<bss>I try to be smart about my configs and leave comments expressive yet concise, but for whatever reason, postfix is just beyond my ken and the config is endless blocks of me commenting something out from three years ago and replacing it with a slightly different block, with an accompanying comment like "trying this"
17:13<warewolf>I just use sendmail.
17:13<bss>why?? when?? past bss decided to leave those as mysteries
17:23<linbot>New news from community: I’m getting a Forbidden error when trying to access objects in my Object Storage bucket after renaming a folder. How can I access my files? <>
17:46<millisa> "# make it go"
17:49-!-satanpol [] has joined #linode
17:49-!-satanpol is "satanpol" on #linode
17:53-!-anomie [] has quit [Quit: Leaving]
18:22-!-satanpol [] has quit [Quit: leaving]
18:29-!-u0_a285 [~u0_a285@] has joined #linode
18:29-!-u0_a285 is "u0_a285" on #linode
18:31-!-afx237 [~afx237@] has quit [Ping timeout: 480 seconds]
18:32-!-u0_a285 [~u0_a285@] has left #linode [WeeChat 3.0.1]
20:15-!-patrick_here [] has joined #linode
20:15-!-patrick_here is "OFTC WebIRC Client" on #linode
20:17-!-waltman [waltman@2601:4a:701:4451:64af:e48b:f763:a2c] has quit [Quit: leaving]
20:23-!-waltman [waltman@2601:4a:701:4451:254c:8a3e:e8cc:a2f6] has joined #linode
20:23-!-waltman is "= "Walt"" on #linode
20:24<patrick_here>Question about receiving an incoming email in reply to a message sent by my (supposedly send-only) postfix install...
20:24<patrick_here>...If I setup an MX record on pointing to my own domain ( and a receiving mail server decides to send me a return email addressed to "", is there a way for me to verify that postfix accepted that incoming message without sending some kind of reply to the sender (like "no user by that name on
20:25<dwfreed>it'll be in the mail log
20:25<dwfreed>usually /var/log/mail.log
20:25<dwfreed>do note that some receiving mailservers verify that the sending user exists
20:26<patrick_here>Oh ...okay ...thanks. (would there be anything showing in "mailq")
20:27<patrick_here>In my /var/log/mail.log I'm seeing some entries saying: "Recipient address rejected: User unknown in virtual mailbox table (in reply to RCPT TO command))"
20:28<patrick_here>...trying to figure out what that's all about...
20:29<patrick_here>The log entry looks like it was in response to a test message that I sent to my Fastmail account (from my postfix MTA).
20:30<patrick_here>It says "status=bounced"
20:40-!-patrick_here [] has quit [Quit: Page closed]
20:54<LouWestin>!next ?
20:54<linbot>Another satisfied customer! NEXT!
20:59-!-callmepk [] has joined #linode
20:59-!-callmepk is "Patrick Wu" on #linode #debian-wsl
21:07-!-afx237 [~afx237@] has joined #linode
21:07-!-afx237 is "c'mon you cunt, lets have some aphex acid" on @#shellshock #linode @#bfpg #debian-next #virt #quodlibet #debian
21:14<linbot>New news from community: GitLab Linode Appears to be Outbound DDoSing <>
21:44-!-patrick_here [] has joined #linode
21:44-!-patrick_here is "OFTC WebIRC Client" on #linode
22:11-!-patrick_here [] has quit [Quit: Page closed]
22:56-!-lggirls [~oftc-webi@] has joined #linode
22:56-!-lggirls is "OFTC WebIRC Client" on #linode
22:59-!-lggirls [~oftc-webi@] has quit []
---Logclosed Wed Nov 10 00:00:57 2021